8 Service APIs
This section provides a reference for APIs that should be implemented by this Building Block.
8 Service APIs
8.1 API specification
8.1.1 Config APIs
CREATE - Creates a new Policy object and returns the new object and a PolicyRevision
- : Grants access to org operations
A set consisting of the new Policy object created, together with the initial Revision object.
bad input parameter
READ - get a Policy object + latest Revision. If a PolicyFilter is supplied and contains a revision_id, then this specific revision is returned.
READ - get a Policy object + latest Revision. If a PolicyFilter is supplied and contains a revision_id, then this specific revision is returned.
- : Grants access to org operations
Unique ID of an object
An object with id revisionId
bad input parameter
UPDATE - Updates an existing Policy object, returning the updated version and a new revision. Updating a Policy does not affect existing references in Agreement, the new revision should be specified for Agreement.
UPDATE - Updates an existing Policy object, returning the updated version and a new revision. Updating a Policy does not affect existing references in Agreement, the new revision should be specified for Agreement.
- : Grants access to org operations
Unique ID of an object
bad input parameter
DELETE - Deletes an existing Policy object, returning the updated version and a new revision. Deleting a Policy is not possible if it's associated with active Agreement.
DELETE - Deletes an existing Policy object, returning the updated version and a new revision. Deleting a Policy is not possible if it's associated with active Agreement.
- : Grants access to org operations
Unique ID of an object
A generic revision model captures the serialized contents of any shema's single row. This is then subject to 1) cryptographic signature and 2) auditing.
Aside from "successor" column, a revision should be considered locked.
This was previously called "schema" but for technical reasons should be called "schema_name"
The PK of the object that was serialized.
Indicates that object_id was left blank in serialized_snapshot when calculating serialized_hash. object_id may be subsequently filled in.
Revisioned data (serialized as JSON) as a dict {object_data: {...}, schema_name: ..., object_id: ..., signed_without_object_id: ..., timestamp: ..., authorized_by_individual: ..., authorized_by_other: ...}. It contains all the fields of the schema except id, successor, predessor_hash and predecessor_signature.
Hash of serialized_snapshot (SHA-1)
Timestamp of when revisioning happened
Reference to an admin user that has created this revision
Tamper-resistent artifact from previous record, copied from serialized_hash
Tamper-resistent artifact from previous record (we don't know if the previous record was signed or not)
bad input parameter
LIST - returns the current Policy
- : Grants access to org operations
Unique ID of an object
Requested index for start of resources to be provided in response requested by client
Requested number of resources to be provided in response requested by client
A policy governs data and Agreement in the realm of an organisation that is refered to as "data controller" (GDPR) and owner of referencing Agreements.
Name of the policy
Version of the policy
Permanent URL at which this very version of the Policy can be read, should not be allowed to change over time.
bad input parameter
LIST - Fetches list of readable Policy objects
An object with id revisionId
Requested index for start of resources to be provided in response requested by client
Requested number of resources to be provided in response requested by client
A list of Policy objects readable for the current session's credentials.
bad input parameter
8.1.2 Service APIs
CREATE - Creates an Individual in the Consent system
- : Grants access to org operations
Shallowly models an Individual which may reference some instance in an external system (registration system, functional ID, foundational ID etc). An Individual instance of this model is not to be mistaken with a unique natural individual. It is up to the system owner to decide if this record permits mapping to a natural individual and/or if a single Individual row can map to several consent agreements.
The unique ID of an Individual row.
Reference to another foundational/functional ID, which is likely PII
External id type specifier. A string. For instance "email" or "foundational id". Can be used in later queries.
This could be an FK, but for now we do not have a mapping of identity providers. IDBB may have more requirements.
bad input parameter
READ - Fetch an Individual in the Consent system
- : Grants access to org operations
Unique ID of an object
Shallowly models an Individual which may reference some instance in an external system (registration system, functional ID, foundational ID etc). An Individual instance of this model is not to be mistaken with a unique natural individual. It is up to the system owner to decide if this record permits mapping to a natural individual and/or if a single Individual row can map to several consent agreements.
The unique ID of an Individual row.
Reference to another foundational/functional ID, which is likely PII
External id type specifier. A string. For instance "email" or "foundational id". Can be used in later queries.
This could be an FK, but for now we do not have a mapping of identity providers. IDBB may have more requirements.
bad input parameter
UPDATE - Updates an Individual in the Consent system
- : Grants access to org operations
Unique ID of an object
Shallowly models an Individual which may reference some instance in an external system (registration system, functional ID, foundational ID etc). An Individual instance of this model is not to be mistaken with a unique natural individual. It is up to the system owner to decide if this record permits mapping to a natural individual and/or if a single Individual row can map to several consent agreements.
The unique ID of an Individual row.
Reference to another foundational/functional ID, which is likely PII
External id type specifier. A string. For instance "email" or "foundational id". Can be used in later queries.
This could be an FK, but for now we do not have a mapping of identity providers. IDBB may have more requirements.
bad input parameter
LIST - lists individuals in the system
- : Grants access to org operations
Requested index for start of resources to be provided in response requested by client
Requested number of resources to be provided in response requested by client
bad input parameter
READ - fetches the latest version of a Policy and the presented revisionId of an associated Agreement
READ - fetches the latest version of a Policy and the presented revisionId of an associated Agreement
- : Grants access to org operations
Unique ID of an object
An object with id revisionId
bad input parameter
DELETE - Cascading delete operation for Right To Be Forgotten, deletes all Consent Records that shall not be retained and have a "forgettable" Agreement. May also delete an unsigned Consent Record, for instance in cases where the user exits the signing process. Individual ID supplied as HTTP header.
DELETE - Cascading delete operation for Right To Be Forgotten, deletes all Consent Records that shall not be retained and have a "forgettable" Agreement. May also delete an unsigned Consent Record, for instance in cases where the user exits the signing process. Individual ID supplied as HTTP header.
- : Grants access to specific individual read/write operations
No content
bad input parameter
No content
8.1.3 Audit APIs
READ
Unique ID of an object
A Consent Record expresses consent (as defined in this building block's specification) to a single Agreement. There must be a UNIQUE constraint on (agreement_revision, individual)
Objects may be passed back by some API endpoints without an id (PK), denoting that they are a "draft", i.e. a ConsentRecord that is not yet stored in the database and only exist in transit. Draft ConsentRecords do not have a Revision, but if paired up with a Signature, a valid Revision should be generated.
Copy of the revision hash. The hash is the included in the signature and ensures against tampering with the original agreement.
True: The individual has positively opted in. False: The individual has explicitly said no (or withdrawn a previous consent).
The state field is used to record state changes after-the-fact. It is maintained by the Consent BB itself. Valid states: unsigned/pending more signatures/signed
bad input parameter
Last updated
Was this helpful?